[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 27.303010] kauditd_printk_skb: 7 callbacks suppressed
[ 27.303022] audit: type=1800 audit(1541537432.204:29): pid=5566 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 27.331517] audit: type=1800 audit(1541537432.204:30): pid=5566 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts.
2018/11/06 20:50:45 parsed 1 programs
2018/11/06 20:50:47 executed programs: 0
syzkaller login: [ 42.423624] IPVS: ftp: loaded support on port[0] = 21
[ 42.671600] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.678621] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.686016] device bridge_slave_0 entered promiscuous mode
[ 42.704174] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.710563] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.717605] device bridge_slave_1 entered promiscuous mode
[ 42.734584] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 42.753355] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 42.803418] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 42.822989] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 42.896480] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 42.904540] team0: Port device team_slave_0 added
[ 42.920561] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 42.927684] team0: Port device team_slave_1 added
[ 42.944973] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 42.965285] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 42.984962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 43.004574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 43.147587] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.154061] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 43.160841] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.167249] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 43.665939] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.715957] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 43.766072] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 43.772202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 43.781033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.831588] 8021q: adding VLAN 0 to HW filter on device team0
[ 44.981412] vivid-000: kernel_thread() failed
[ 45.006673] ==================================================================
[ 45.014171] BUG: KASAN: null-ptr-deref in kthread_stop+0x108/0x8f0
[ 45.020476] Write of size 4 at addr 000000000000001c by task syz-executor0/6056
[ 45.027906]
[ 45.029523] CPU: 1 PID: 6056 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181106+ #106
[ 45.038005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.047342] Call Trace:
[ 45.049921]  dump_stack+0x244/0x39d
[ 45.053534]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 45.058713]  ? vprintk_func+0x85/0x181
[ 45.062587]  kasan_report.cold.8+0x6d/0x309
[ 45.066898]  ? kthread_stop+0x108/0x8f0
[ 45.070861]  check_memory_region+0x13e/0x1b0
[ 45.075260]  kasan_check_write+0x14/0x20
[ 45.079319]  kthread_stop+0x108/0x8f0
[ 45.083113]  ? kthread_unpark+0x160/0x160
[ 45.087251]  ? __lock_is_held+0xb5/0x140
[ 45.091336]  vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 45.096625]  ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 45.102152]  ? _vb2_fop_release+0x3f/0x2b0
[ 45.106376]  ? mutex_trylock+0x2b0/0x2b0
[ 45.110421]  ? vivid_fop_release+0x66/0x440
[ 45.114726]  ? __mutex_lock+0x85e/0x16f0
[ 45.118778]  vid_cap_stop_streaming+0x8d/0xe0
[ 45.123257]  ? vid_cap_buf_queue+0x310/0x310
[ 45.127648]  __vb2_queue_cancel+0x171/0xd20
[ 45.131959]  ? lock_downgrade+0x900/0x900
[ 45.136094]  ? vb2_buffer_done+0xb80/0xb80
[ 45.140320]  ? find_held_lock+0x36/0x1c0
[ 45.144374]  ? mark_held_locks+0xc7/0x130
[ 45.148527]  ? kasan_check_write+0x14/0x20
[ 45.152757]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 45.157676]  ? kasan_check_read+0x11/0x20
[ 45.161804]  ? wait_for_completion+0x8a0/0x8a0
[ 45.166370]  ? trace_hardirqs_off_caller+0x300/0x300
[ 45.171464]  vb2_core_streamoff+0x60/0x140
[ 45.175688]  __vb2_cleanup_fileio+0x73/0x160
[ 45.180083]  vb2_core_queue_release+0x1e/0x80
[ 45.184569]  _vb2_fop_release+0x1d2/0x2b0
[ 45.188704]  vb2_fop_release+0x77/0xc0
[ 45.192577]  vivid_fop_release+0x18e/0x440
[ 45.196795]  ? vivid_remove+0x460/0x460
[ 45.200772]  v4l2_release+0x224/0x3a0
[ 45.204577]  __fput+0x3bc/0xa70
[ 45.207859]  ? dev_debug_store+0x140/0x140
[ 45.212082]  ? get_max_files+0x20/0x20
[ 45.215978]  ? trace_hardirqs_on+0xbd/0x310
[ 45.220300]  ? kasan_check_read+0x11/0x20
[ 45.224441]  ? task_work_run+0x1af/0x2a0
[ 45.228491]  ? trace_hardirqs_off_caller+0x300/0x300
[ 45.233595]  ? filp_close+0x1cd/0x250
[ 45.237407]  ____fput+0x15/0x20
[ 45.240679]  task_work_run+0x1e8/0x2a0
[ 45.244554]  ? task_work_cancel+0x240/0x240
[ 45.248867]  ? copy_fd_bitmaps+0x210/0x210
[ 45.253122]  ? do_syscall_64+0x9a/0x820
[ 45.257112]  exit_to_usermode_loop+0x318/0x380
[ 45.261687]  ? __bpf_trace_sys_exit+0x30/0x30
[ 45.266170]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 45.271706]  do_syscall_64+0x6be/0x820
[ 45.275591]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 45.280947]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 45.285865]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 45.290709]  ? trace_hardirqs_on_caller+0x310/0x310
[ 45.295711]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 45.300711]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 45.305714]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 45.310549]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 45.315731] RIP: 0033:0x411021
[ 45.318907] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 45.337792] RSP: 002b:00007fff15f690e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 45.345481] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000411021
[ 45.352737] RDX: 0000000000000000 RSI: 00000000007305f8 RDI: 0000000000000003
[ 45.359990] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 45.367241] R10: 00007fff15f69000 R11: 0000000000000293 R12: 0000000000000000
[ 45.374492] R13: 0000000000000001 R14: 000000000000000d R15: 0000000000000000
[ 45.381758] ==================================================================
[ 45.389124] Disabling lock debugging due to kernel taint
[ 45.397683] Kernel panic - not syncing: panic_on_warn set ...
[ 45.403586] CPU: 1 PID: 6056 Comm: syz-executor0 Tainted: G    B             4.20.0-rc1-next-20181106+ #106
[ 45.413457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.422818] Call Trace:
[ 45.425406]  dump_stack+0x244/0x39d
[ 45.429020]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 45.434203]  panic+0x2ad/0x55c
[ 45.437384]  ? add_taint.cold.5+0x16/0x16
[ 45.441524]  ? preempt_schedule+0x4d/0x60
[ 45.445660]  ? ___preempt_schedule+0x16/0x18
[ 45.450056]  ? trace_hardirqs_on+0xb4/0x310
[ 45.454365]  kasan_end_report+0x47/0x4f
[ 45.458334]  kasan_report.cold.8+0x76/0x309
[ 45.462644]  ? kthread_stop+0x108/0x8f0
[ 45.466608]  check_memory_region+0x13e/0x1b0
[ 45.471007]  kasan_check_write+0x14/0x20
[ 45.475075]  kthread_stop+0x108/0x8f0
[ 45.478865]  ? kthread_unpark+0x160/0x160
[ 45.483004]  ? __lock_is_held+0xb5/0x140
[ 45.487071]  vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 45.492357]  ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 45.497884]  ? _vb2_fop_release+0x3f/0x2b0
[ 45.502112]  ? mutex_trylock+0x2b0/0x2b0
[ 45.506175]  ? vivid_fop_release+0x66/0x440
[ 45.510482]  ? __mutex_lock+0x85e/0x16f0
[ 45.514533]  vid_cap_stop_streaming+0x8d/0xe0
[ 45.519013]  ? vid_cap_buf_queue+0x310/0x310
[ 45.523420]  __vb2_queue_cancel+0x171/0xd20
[ 45.527732]  ? lock_downgrade+0x900/0x900
[ 45.531862]  ? vb2_buffer_done+0xb80/0xb80
[ 45.536083]  ? find_held_lock+0x36/0x1c0
[ 45.540138]  ? mark_held_locks+0xc7/0x130
[ 45.544276]  ? kasan_check_write+0x14/0x20
[ 45.548494]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 45.553410]  ? kasan_check_read+0x11/0x20
[ 45.557542]  ? wait_for_completion+0x8a0/0x8a0
[ 45.562117]  ? trace_hardirqs_off_caller+0x300/0x300
[ 45.567209]  vb2_core_streamoff+0x60/0x140
[ 45.571430]  __vb2_cleanup_fileio+0x73/0x160
[ 45.575847]  vb2_core_queue_release+0x1e/0x80
[ 45.580333]  _vb2_fop_release+0x1d2/0x2b0
[ 45.584469]  vb2_fop_release+0x77/0xc0
[ 45.588368]  vivid_fop_release+0x18e/0x440
[ 45.592589]  ? vivid_remove+0x460/0x460
[ 45.596567]  v4l2_release+0x224/0x3a0
[ 45.600360]  __fput+0x3bc/0xa70
[ 45.603627]  ? dev_debug_store+0x140/0x140
[ 45.607873]  ? get_max_files+0x20/0x20
[ 45.611752]  ? trace_hardirqs_on+0xbd/0x310
[ 45.616073]  ? kasan_check_read+0x11/0x20
[ 45.620235]  ? task_work_run+0x1af/0x2a0
[ 45.624285]  ? trace_hardirqs_off_caller+0x300/0x300
[ 45.629383]  ? filp_close+0x1cd/0x250
[ 45.633170]  ____fput+0x15/0x20
[ 45.636435]  task_work_run+0x1e8/0x2a0
[ 45.640329]  ? task_work_cancel+0x240/0x240
[ 45.644645]  ? copy_fd_bitmaps+0x210/0x210
[ 45.648866]  ? do_syscall_64+0x9a/0x820
[ 45.652826]  exit_to_usermode_loop+0x318/0x380
[ 45.657394]  ? __bpf_trace_sys_exit+0x30/0x30
[ 45.661875]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 45.667396]  do_syscall_64+0x6be/0x820
[ 45.671272]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 45.676623]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 45.681550]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 45.686382]  ? trace_hardirqs_on_caller+0x310/0x310
[ 45.691394]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 45.696397]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 45.701399]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 45.706230]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 45.711404] RIP: 0033:0x411021
[ 45.714585] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 45.733487] RSP: 002b:00007fff15f690e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 45.741181] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000411021
[ 45.748435] RDX: 0000000000000000 RSI: 00000000007305f8 RDI: 0000000000000003
[ 45.755685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 45.762939] R10: 00007fff15f69000 R11: 0000000000000293 R12: 0000000000000000
[ 45.770190] R13: 0000000000000001 R14: 000000000000000d R15: 0000000000000000
[ 45.778442] Kernel Offset: disabled
[ 45.782073] Rebooting in 86400 seconds..